CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-5663

The file-execution functionality in WinRAR before 5.30 beta 5 allows local users to gain privileges via a Trojan horse file with a name similar to an extensionless filename that was selected by the user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.1%

CVSS Severity

CVSS v3 Score 7.4

CVSS v2 Score 3.7

References

http://jvn.jp/en/jp/JVN64636058/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000199
http://www.securityfocus.com/bid/79666
http://www.securitytracker.com/id/1034881
http://jvn.jp/en/jp/JVN64636058/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000199
http://www.securityfocus.com/bid/79666
http://www.securitytracker.com/id/1034881

Products affected by CVE-2015-5663

Rarlab » Winrar » Version: 5.30

cpe:2.3:a:rarlab:winrar:5.30

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-5663

Products

Pricing

Contact Us